While cyberattacks against large businesses are often carried out by cybercriminals, new research from the government-funded agency Jisc has discovered that staff or students could be responsible for cyber-attacks against colleges and universities.

The agency examined the timing of 850 attacks that took place during the 2017-2018 academic year and identified a 'clear pattern' of attacks that occurred during term times and during the working hours of educational institutions.

Jisc found that the number and rate of attacks decreased significantly once the holidays began which gives even more credibility to the idea that either students or disgruntled staff could be behind the cyberattacks on colleges and universities.

The timing and nature of the attacks

Generally it is quite difficult to identify individual cybercriminals but the agency produced a report which showed that the attacks coincided with the times when students and staff were most likely to be present. The attacks increased from 8am or 9am and then tampered off during the early afternoon. There was also a sharp decline in attacks during the Christmas, Easter and summer breaks with the attacks beginning again once terms resumed.

During the academic year, more than 850 attacks were carried out against almost 190 universities and colleges which was up from 600 attacks on around 140 institutions during the previous year.

The attackers also did not behave like traditional cybercriminals who often use malware, ransomware and phishing attacks to steal sensitive data. Instead, they launched distributed denial of service (DDoS) attacks aimed at disrupting or even bringing down the institutions' networks.

Educational institutions are still on cybercriminals' radar

Data privacy expert at McAfee, Nigel Hawthorn explained that while these attacks just aimed at disrupting networks, cybercriminals are still quite interested in the data held by educational institutions, saying:

“The kind of data held by universities (student records/intellectual property) is a valuable commodity for cyber criminals, so it is crucial that the security and education sectors work together to protect it. According to McAfee research, education is the fourth most targeted sector of all, more so than even the finance and retail industries.

Higher education organisations and others across the public sector are also facing up to how best to effectively and securely manage their shift to the cloud, and the rapidly increasing number of cloud applications and environments which is making security much more complex.

Universities must first and foremost recognise the value of the data they protect, and therefore its appeal to cyber criminals. It is also crucial that security is built in from the outset with robust processes. This should incorporate the ability to detect threats as soon as they arise and, once targeted, correct systems quickly to minimise disruption to students, researchers and faculty.”